Fortinet black logo

Cookbook

Home FortiAuthenticator 5.5.0 Cookbook

Creating the QoS rule on the FortiWLC

5.5.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.5.0
Copy Link
Copy Doc ID 53d09085-7746-11e9-81a4-00505692583a:146088
Download PDF

Creating the QoS rule on the FortiWLC

  1. On the FortiWLC, go to Configuration > Policies > QoS and select the QoS and Firewall Rules tab. Select ADD to create two profiles.

    2. For the first rule, allow the wireless client to access the FortiAuthenticator guest portal.

  • ID: Rule number (in the example, 20).
  • Destination IP: IP address of the FortiAuthenticator, and enable Match.
  • Destination Netmask: 255.255.255.255
  • Destination Port: 443, and enable Match.
  • Network Protocol: 6, and enable Match.
  • Firewall Filter ID: String from the security profile, and enable Match.
  • QoS Protocol: Other.

  • For the second rule, allow FortiAuthenticator to reach the clients.
    • ID: Rule number (in the example, 21).
    • Source IP: IP address of the FortiAuthenticator, and enable Match.
    • Source Netmask: 255.255.255.255
    • Source Port: 443, and enable Match.
    • Network Protocol: 6, and enable Match.
    • Firewall Filter ID: Use the Passthrough Firewall Filter ID string from the security profile, and enable Match.
    • QoS Protocol: Other.

    Previous
    Next

    Creating the QoS rule on the FortiWLC

    1. On the FortiWLC, go to Configuration > Policies > QoS and select the QoS and Firewall Rules tab. Select ADD to create two profiles.

      2. For the first rule, allow the wireless client to access the FortiAuthenticator guest portal.

    • ID: Rule number (in the example, 20).
    • Destination IP: IP address of the FortiAuthenticator, and enable Match.
    • Destination Netmask: 255.255.255.255
    • Destination Port: 443, and enable Match.
    • Network Protocol: 6, and enable Match.
    • Firewall Filter ID: String from the security profile, and enable Match.
    • QoS Protocol: Other.

  • For the second rule, allow FortiAuthenticator to reach the clients.
    • ID: Rule number (in the example, 21).
    • Source IP: IP address of the FortiAuthenticator, and enable Match.
    • Source Netmask: 255.255.255.255
    • Source Port: 443, and enable Match.
    • Network Protocol: 6, and enable Match.
    • Firewall Filter ID: Use the Passthrough Firewall Filter ID string from the security profile, and enable Match.
    • QoS Protocol: Other.

    Previous
    Next